DOE Patents
U.S. Department of Energy
Office of Scientific and Technical Information

Title: Secure key storage and distribution

Abstract

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather, portions, or shares, of the security system private key are stored at each of the computing resources within the security system, and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Inventors:
Issue Date:
Research Org.: Washington State Univ., Pullman, WA (United States)
Sponsoring Org.: USDOE
OSTI Identifier: 1183337
Patent Number(s): 9049011
Application Number: 13/967,029
Assignee: Washington State University (Pullman, WA)
Patent Classifications (CPCs): H - ELECTRICITY; H04 - ELECTRIC COMMUNICATION TECHNIQUE; H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
DOE Contract Number: OE0000097
Resource Type: Patent
Country of Publication: United States
Language: English
Subject: 97 MATHEMATICS AND COMPUTING; 99 GENERAL AND MISCELLANEOUS

Citation Formats

Agrawal, Punit. Secure key storage and distribution. United States: N. p., 2015. Web.
Agrawal, Punit. Secure key storage and distribution. United States.
Agrawal, Punit. Tue . "Secure key storage and distribution". United States. https://www.osti.gov/servlets/purl/1183337.
@article{osti_1183337,
title = {Secure key storage and distribution},
author = {Agrawal, Punit},
place = {United States},
year = {2015},
month = {6}
}
